使用netmgr进行配置,以及监听密码:
在上面拒绝的访问客户以及可以访问的客户机,写入IP地址即可。
进行监听密码配置。
重启监听程序
C:\Users\Administrator>lsnrctl stop
LSNRCTL for 64-bit Windows: Version 12.2.0.1.0 - Production on 26-7月 -2019 17:1
4:37
Copyright (c) 1991, 2016, Oracle. All rights reserved.
正在连接到 (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=UP57VFMG5AH8GDS)(PORT=1521)
))
命令执行成功
C:\Users\Administrator>lsnrctl start
LSNRCTL for 64-bit Windows: Version 12.2.0.1.0 - Production on 26-7月 -2019 17:1
4:40
Copyright (c) 1991, 2016, Oracle. All rights reserved.
启动tnslsnr: 请稍候...
TNSLSNR for 64-bit Windows: Version 12.2.0.1.0 - Production
系统参数文件为D:\app\Administrator\virtual\product\12.2.0\dbhome_1\network\admin
\listener.ora
写入D:\app\Administrator\virtual\product\12.2.0\dbhome_1\log\diag\tnslsnr\UP57VF
MG5AH8GDS\listener\alert\log.xml的日志信息
监听: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=UP57VFMG5AH8GDS)(PORT=1521)))
监听: (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(PIPENAME=\\.\pipe\EXTPROC1521ipc)))
正在连接到 (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=UP57VFMG5AH8GDS)(PORT=1521)
))
LISTENER 的 STATUS
------------------------
别名 LISTENER
版本 TNSLSNR for 64-bit Windows: Version 12.2.0.1.0 - Produ
ction
启动日期 26-7月 -2019 17:14:46
正常运行时间 0 天 0 小时 0 分 4 秒
跟踪级别 off
安全性 ON: Local OS Authentication
SNMP OFF
监听程序参数文件 D:\app\Administrator\virtual\product\12.2.0\dbhome_1\n
etwork\admin\listener.ora
监听程序日志文件 D:\app\Administrator\virtual\product\12.2.0\dbhome_1\l
og\diag\tnslsnr\UP57VFMG5AH8GDS\listener\alert\log.xml
监听端点概要...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=UP57VFMG5AH8GDS)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(PIPENAME=\\.\pipe\EXTPROC1521ipc)))
服务摘要..
服务 "CLRExtProc" 包含 1 个实例。
实例 "CLRExtProc", 状态 UNKNOWN, 包含此服务的 1 个处理程序...
命令执行成功
查看sqlnet.ora
# sqlnet.ora Network Configuration File: D:\app\Administrator\virtual\product\12.2.0\dbhome_1\NETWORK\ADMIN\sqlnet.ora
# Generated by Oracle configuration tools.
# This file is actually generated by netca. But if customers choose to
# install "Software Only", this file wont exist and without the native
# authentication, they will not be able to connect to the database on NT.
TCP.VALIDNODE_CHECKING = YES
SQLNET.AUTHENTICATION_SERVICES= (NTS)
TCP.EXCLUDED_NODES= (10.228.246.120, 10.228.246.120)
ADR_BASE = D:\app\Administrator\virtual\product\12.2.0\dbhome_1\log
白名单配置
tcp.invited_nodes白名单配置
tcp.validnode_checking=yes
sqlnet.encryption
SQLNET.EXPIRE_TIME=10
tcp.invited_nodes=(10.2.20.25,10.2.60.20,10.2.60.0/24,10.2.200.0/22) --一定要写自己主机的IP地址啊@!!!!!!!!!!!
sqlnet.inbound_connect_timeout=30
使用10.2.248.x网段进行连接主机数据库如下:bash-3.2$ sqlplus system/cmcc#2019@eoms39
SQL*Plus: Release 11.2.0.4.0 Production on Wed Dec 9 15:19:54 2020
Copyright (c) 1982, 2013, Oracle. All rights reserved.
ERROR:
ORA-12537: TNS:connection closed
在sqlnet.ora中添加如下开放限制
tcp.invited_nodes=(10.2.201.25,10.2.60.208,10.2.60.0/24,10.2.200.0/22,10.2.248.0/24)
重启监听
lsnrctl stop
lsnrctl start
重试连接
bash-3.2$ sqlplus system/cc#2019@eo39SQL*Plus: Release 11.2.0.4.0 Production on Wed Dec 9 15:21:14 2020
Copyright (c) 1982, 2013, Oracle. All rights reserved.
ERROR:
ORA-28002: the password will expire within 7 daysConnected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing optionsSQL>